pingcastle
pingcastle copied to clipboard
vletoux
PingCastle - Get Active Directory Security at 80% in 20% of the time
A new rule for dhcp admins needed? https://www.akamai.com/blog/security-research/abusing-dhcp-administrators-group-for-privilege-escalation-in-windows-domains
When targeting is in place, PingCaslte ignores this information: - Rule ID: A-MembershipEveryone  Example: https://www.policypak.com/resources/pp-blog/gpo-item-level-targeting/
- PingCastle 3.2.0.1 - Running parameters: "--healthcheck --server domain.local,child.domain.local" - Environment: AD forest "domain.local" + child domain "child.domain.local", running PingCastle from a server on "domain.local". Running user is a Group...
The check for "Check if authentication certificate templates allow users to control the subject" is valued with just 15 points, but might result in a straight domain takeover from any...
A wrong --foreigndomain parameter like e.g. `PingCastle.exe --foreigndomain doesnt_exist.no --healthcheck` is ignored and the default domain is scanned. Alse there's no indication of the problem in the output, the only...
First off, thanks for such a great tool! As I've been using with PingCastle, I've had a need to exclude certain rules that may show up in the environment, but...
Pingcastle 3.2.0.0 crashed with the error below: ``` ... [14:12:45] Gathering WSUS data [14:13:27] Gathering MSOL data The AD query failed. Using the alternative protocol (LDAPConnection) The AD query failed....
A few years ago Microsoft released an update which adds additional protections for abuse of NTLM pass-through authentication: [Windows updates add new NTLM pass-through authentication protections for CVE-2022-21857](https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/windows-updates-add-new-ntlm-pass-through-authentication-protections) One component...
If the ms-DS-MachineAccountQuota in the Active Directory is "not set" it is possible to add computers to the domain if the SeMachineAccountPrivilege is set to "Authenticated Users". However the PingCastle...
Hi, could you please provide example reports run on average/SMB/Enterprise AD for educational purposes? I am just looking for some reports from PingCastle, however I cannot find any. Thanks.
